+

DE602005020609D1 - TEM - Google Patents

TEM

Info

Publication number
DE602005020609D1
DE602005020609D1 DE602005020609T DE602005020609T DE602005020609D1 DE 602005020609 D1 DE602005020609 D1 DE 602005020609D1 DE 602005020609 T DE602005020609 T DE 602005020609T DE 602005020609 T DE602005020609 T DE 602005020609T DE 602005020609 D1 DE602005020609 D1 DE 602005020609D1
Authority
DE
Germany
Prior art keywords
events
patterns
manager
present
event stream
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE602005020609T
Other languages
German (de)
Inventor
Kumar Saurabh
Kenny Tidwell
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ArcSight LLC
Original Assignee
ArcSight LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ArcSight LLC filed Critical ArcSight LLC
Publication of DE602005020609D1 publication Critical patent/DE602005020609D1/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Quality & Reliability (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Burglar Alarm Systems (AREA)
  • Small-Scale Networks (AREA)
  • Alarm Systems (AREA)
  • Glass Compositions (AREA)
  • Debugging And Monitoring (AREA)

Abstract

Patterns can be discovered in events collected by a network system. In one embodiment, the present invention includes collecting and storing events from a variety of monitor devices. In one embodiment, a subset of the stored events is provided to a manager as an event stream. In one embodiment, the present invention further includes the manager discovering one or more previously unknown event patterns in the event stream.
DE602005020609T 2004-05-04 2005-05-04 TEM Expired - Lifetime DE602005020609D1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/839,613 US7509677B2 (en) 2004-05-04 2004-05-04 Pattern discovery in a network security system
PCT/US2005/015933 WO2005107424A2 (en) 2004-05-04 2005-05-04 Pattern discovery in a network security system

Publications (1)

Publication Number Publication Date
DE602005020609D1 true DE602005020609D1 (en) 2010-05-27

Family

ID=35240831

Family Applications (1)

Application Number Title Priority Date Filing Date
DE602005020609T Expired - Lifetime DE602005020609D1 (en) 2004-05-04 2005-05-04 TEM

Country Status (12)

Country Link
US (2) US7509677B2 (en)
EP (1) EP1749386B1 (en)
JP (1) JP5038888B2 (en)
KR (1) KR101007899B1 (en)
AT (1) ATE464729T1 (en)
AU (1) AU2005240203B2 (en)
CA (1) CA2565343C (en)
DE (1) DE602005020609D1 (en)
IL (1) IL178861A (en)
NZ (1) NZ550752A (en)
PL (1) PL1749386T3 (en)
WO (1) WO2005107424A2 (en)

Families Citing this family (132)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8209756B1 (en) 2002-02-08 2012-06-26 Juniper Networks, Inc. Compound attack detection in a computer network
US8479057B2 (en) * 2002-11-04 2013-07-02 Riverbed Technology, Inc. Aggregator for connection based anomaly detection
US8504879B2 (en) * 2002-11-04 2013-08-06 Riverbed Technology, Inc. Connection based anomaly detection
US7650638B1 (en) 2002-12-02 2010-01-19 Arcsight, Inc. Network security monitoring system employing bi-directional communication
US7376969B1 (en) 2002-12-02 2008-05-20 Arcsight, Inc. Real time monitoring and analysis of events from multiple network security devices
US7788722B1 (en) 2002-12-02 2010-08-31 Arcsight, Inc. Modular agent for network security intrusion detection system
US7219239B1 (en) 2002-12-02 2007-05-15 Arcsight, Inc. Method for batching events for transmission by software agent
US8176527B1 (en) 2002-12-02 2012-05-08 Hewlett-Packard Development Company, L. P. Correlation engine with support for time-based rules
US7607169B1 (en) 2002-12-02 2009-10-20 Arcsight, Inc. User interface for network security console
US7899901B1 (en) 2002-12-02 2011-03-01 Arcsight, Inc. Method and apparatus for exercising and debugging correlations for network security system
US7260844B1 (en) 2003-09-03 2007-08-21 Arcsight, Inc. Threat detection in a network security system
US9027120B1 (en) 2003-10-10 2015-05-05 Hewlett-Packard Development Company, L.P. Hierarchical architecture in a network security system
US8015604B1 (en) 2003-10-10 2011-09-06 Arcsight Inc Hierarchical architecture in a network security system
US7984175B2 (en) 2003-12-10 2011-07-19 Mcafee, Inc. Method and apparatus for data capture and analysis system
US8656039B2 (en) 2003-12-10 2014-02-18 Mcafee, Inc. Rule parser
US20050131876A1 (en) * 2003-12-10 2005-06-16 Ahuja Ratinder Paul S. Graphical user interface for capture system
US7814327B2 (en) * 2003-12-10 2010-10-12 Mcafee, Inc. Document registration
US7774604B2 (en) * 2003-12-10 2010-08-10 Mcafee, Inc. Verifying captured objects before presentation
US8548170B2 (en) 2003-12-10 2013-10-01 Mcafee, Inc. Document de-registration
US7899828B2 (en) * 2003-12-10 2011-03-01 Mcafee, Inc. Tag data structure for maintaining relational data over captured objects
US7565696B1 (en) 2003-12-10 2009-07-21 Arcsight, Inc. Synchronizing network security devices within a network security system
US7930540B2 (en) * 2004-01-22 2011-04-19 Mcafee, Inc. Cryptographic policy enforcement
US8528077B1 (en) * 2004-04-09 2013-09-03 Hewlett-Packard Development Company, L.P. Comparing events from multiple network security devices
US7509677B2 (en) 2004-05-04 2009-03-24 Arcsight, Inc. Pattern discovery in a network security system
US7962591B2 (en) * 2004-06-23 2011-06-14 Mcafee, Inc. Object classification in a capture system
US8560534B2 (en) * 2004-08-23 2013-10-15 Mcafee, Inc. Database for a capture system
US7949849B2 (en) * 2004-08-24 2011-05-24 Mcafee, Inc. File system for a capture system
US7644438B1 (en) 2004-10-27 2010-01-05 Arcsight, Inc. Security event aggregation at software agent
US9100422B1 (en) * 2004-10-27 2015-08-04 Hewlett-Packard Development Company, L.P. Network zone identification in a network security system
US20060130070A1 (en) * 2004-11-22 2006-06-15 Graf Lars O System and method of event correlation
US7809131B1 (en) 2004-12-23 2010-10-05 Arcsight, Inc. Adjusting sensor time in a network security system
US7647632B1 (en) 2005-01-04 2010-01-12 Arcsight, Inc. Object reference in a system
US8850565B2 (en) * 2005-01-10 2014-09-30 Hewlett-Packard Development Company, L.P. System and method for coordinating network incident response activities
US7809826B1 (en) * 2005-01-27 2010-10-05 Juniper Networks, Inc. Remote aggregation of network traffic profiling data
US7937755B1 (en) 2005-01-27 2011-05-03 Juniper Networks, Inc. Identification of network policy violations
US7797411B1 (en) 2005-02-02 2010-09-14 Juniper Networks, Inc. Detection and prevention of encapsulated network attacks using an intermediate device
US7844999B1 (en) 2005-03-01 2010-11-30 Arcsight, Inc. Message parsing in a network security system
US20060248179A1 (en) * 2005-04-29 2006-11-02 Short Michael E Method and system for event-driven network management
GB0513375D0 (en) 2005-06-30 2005-08-03 Retento Ltd Computer security
US8209759B2 (en) * 2005-07-18 2012-06-26 Q1 Labs, Inc. Security incident manager
US7907608B2 (en) * 2005-08-12 2011-03-15 Mcafee, Inc. High speed packet capture
US7818326B2 (en) * 2005-08-31 2010-10-19 Mcafee, Inc. System and method for word indexing in a capture system and querying thereof
US20070089172A1 (en) * 2005-10-14 2007-04-19 Bare Ballard C Methods for identifying self-replicating threats using historical data
US7730011B1 (en) 2005-10-19 2010-06-01 Mcafee, Inc. Attributes of captured objects in a capture system
US7657104B2 (en) * 2005-11-21 2010-02-02 Mcafee, Inc. Identifying image type in a capture system
US7663479B1 (en) * 2005-12-21 2010-02-16 At&T Corp. Security infrastructure
US20070226504A1 (en) * 2006-03-24 2007-09-27 Reconnex Corporation Signature match processing in a document registration system
US8504537B2 (en) 2006-03-24 2013-08-06 Mcafee, Inc. Signature distribution in a document registration system
US7689614B2 (en) * 2006-05-22 2010-03-30 Mcafee, Inc. Query generation for a capture system
US8010689B2 (en) * 2006-05-22 2011-08-30 Mcafee, Inc. Locational tagging in a capture system
US7958227B2 (en) 2006-05-22 2011-06-07 Mcafee, Inc. Attributes of captured objects in a capture system
US20070300300A1 (en) * 2006-06-27 2007-12-27 Matsushita Electric Industrial Co., Ltd. Statistical instrusion detection using log files
US9715675B2 (en) 2006-08-10 2017-07-25 Oracle International Corporation Event-driven customizable automated workflows for incident remediation
US7870612B2 (en) * 2006-09-11 2011-01-11 Fujian Eastern Micropoint Info-Tech Co., Ltd Antivirus protection system and method for computers
US9824107B2 (en) * 2006-10-25 2017-11-21 Entit Software Llc Tracking changing state data to assist in computer network security
US9166989B2 (en) 2006-12-28 2015-10-20 Hewlett-Packard Development Company, L.P. Storing log data efficiently while supporting querying
US20080184368A1 (en) * 2007-01-31 2008-07-31 Coon James R Preventing False Positive Detections in an Intrusion Detection System
WO2008098260A1 (en) * 2007-02-09 2008-08-14 Smobile Systems, Inc. Off-line mms malware scanning system and method
WO2008128177A1 (en) * 2007-04-13 2008-10-23 The University Of Vermont And State Agricultural College Relational pattern discovery across multiple databases
KR100901696B1 (en) 2007-07-04 2009-06-08 한국전자통신연구원 Apparatus and method for sampling security events based on the content of security events
US8091065B2 (en) * 2007-09-25 2012-01-03 Microsoft Corporation Threat analysis and modeling during a software development lifecycle of a software application
US8612409B2 (en) * 2007-12-18 2013-12-17 Yahoo! Inc. Method and apparatus for detecting and explaining bursty stream events in targeted groups
US7953685B2 (en) * 2007-12-27 2011-05-31 Intel Corporation Frequent pattern array
US8839345B2 (en) * 2008-03-17 2014-09-16 International Business Machines Corporation Method for discovering a security policy
CA2924049C (en) 2008-04-01 2019-10-29 Nudata Security Inc. Systems and methods for implementing and tracking identification tests
US9842204B2 (en) 2008-04-01 2017-12-12 Nudata Security Inc. Systems and methods for assessing security risk
US8495701B2 (en) 2008-06-05 2013-07-23 International Business Machines Corporation Indexing of security policies
US8205242B2 (en) 2008-07-10 2012-06-19 Mcafee, Inc. System and method for data mining and security policy management
US9253154B2 (en) 2008-08-12 2016-02-02 Mcafee, Inc. Configuration management for a capture/registration system
US8504504B2 (en) * 2008-09-26 2013-08-06 Oracle America, Inc. System and method for distributed denial of service identification and prevention
US8850591B2 (en) 2009-01-13 2014-09-30 Mcafee, Inc. System and method for concept building
US8706709B2 (en) 2009-01-15 2014-04-22 Mcafee, Inc. System and method for intelligent term grouping
US8473442B1 (en) 2009-02-25 2013-06-25 Mcafee, Inc. System and method for intelligent state management
US8667121B2 (en) 2009-03-25 2014-03-04 Mcafee, Inc. System and method for managing data and policies
US8447722B1 (en) 2009-03-25 2013-05-21 Mcafee, Inc. System and method for data mining and security policy management
US9215212B2 (en) * 2009-06-22 2015-12-15 Citrix Systems, Inc. Systems and methods for providing a visualizer for rules of an application firewall
US9269061B2 (en) * 2009-12-10 2016-02-23 Equinix, Inc. Performance, analytics and auditing framework for portal applications
US8595176B2 (en) * 2009-12-16 2013-11-26 The Boeing Company System and method for network security event modeling and prediction
EP2438511B1 (en) 2010-03-22 2019-07-03 LRDC Systems, LLC A method of identifying and protecting the integrity of a set of source data
US10210162B1 (en) 2010-03-29 2019-02-19 Carbonite, Inc. Log file management
US9069954B2 (en) 2010-05-25 2015-06-30 Hewlett-Packard Development Company, L.P. Security threat detection associated with security events and an actor category model
US20120078912A1 (en) * 2010-09-23 2012-03-29 Chetan Kumar Gupta Method and system for event correlation
US20120095750A1 (en) * 2010-10-14 2012-04-19 Microsoft Corporation Parsing observable collections
US8806615B2 (en) 2010-11-04 2014-08-12 Mcafee, Inc. System and method for protecting specified data combinations
US8799188B2 (en) * 2011-02-08 2014-08-05 International Business Machines Corporation Algorithm engine for use in a pattern matching accelerator
US8412722B2 (en) * 2011-02-08 2013-04-02 International Business Machines Corporation Upload manager for use in a pattern matching accelerator
US8447749B2 (en) * 2011-02-08 2013-05-21 International Business Machines Corporation Local results processor for use in a pattern matching accelerator
US8478736B2 (en) * 2011-02-08 2013-07-02 International Business Machines Corporation Pattern matching accelerator
US8661456B2 (en) 2011-06-01 2014-02-25 Hewlett-Packard Development Company, L.P. Extendable event processing through services
EP2737427A4 (en) 2011-07-29 2015-04-15 Hewlett Packard Development Co Systems and methods for distributed rule-based correlation of events
KR20140059227A (en) 2011-09-09 2014-05-15 휴렛-팩커드 디벨롭먼트 컴퍼니, 엘.피. Systems and methods for evaluation of events based on a reference baseline according to temporal position in a sequence of events
US20130246336A1 (en) 2011-12-27 2013-09-19 Mcafee, Inc. System and method for providing data protection workflows in a network environment
US9026550B2 (en) * 2012-01-30 2015-05-05 Siemens Aktiengesellschaft Temporal pattern matching in large collections of log messages
US8789181B2 (en) 2012-04-11 2014-07-22 Ca, Inc. Flow data for security data loss prevention
US9531755B2 (en) * 2012-05-30 2016-12-27 Hewlett Packard Enterprise Development Lp Field selection for pattern discovery
WO2013180708A1 (en) * 2012-05-30 2013-12-05 Hewlett-Packard Development Company, L.P. Parameter adjustment for pattern discovery
US9715325B1 (en) 2012-06-21 2017-07-25 Open Text Corporation Activity stream based interaction
US10607007B2 (en) 2012-07-03 2020-03-31 Hewlett-Packard Development Company, L.P. Micro-virtual machine forensics and detection
US9223962B1 (en) * 2012-07-03 2015-12-29 Bromium, Inc. Micro-virtual machine forensics and detection
US9411955B2 (en) * 2012-08-09 2016-08-09 Qualcomm Incorporated Server-side malware detection and classification
US8938805B1 (en) * 2012-09-24 2015-01-20 Emc Corporation Detection of tampering with software installed on a processing device
US9830451B2 (en) 2012-11-30 2017-11-28 Entit Software Llc Distributed pattern discovery
US9922192B1 (en) 2012-12-07 2018-03-20 Bromium, Inc. Micro-virtual machine forensics and detection
US9471788B2 (en) * 2012-12-14 2016-10-18 Sap Se Evaluation of software applications
US9071535B2 (en) 2013-01-03 2015-06-30 Microsoft Technology Licensing, Llc Comparing node states to detect anomalies
US9420002B1 (en) * 2013-03-14 2016-08-16 Mark McGovern Authorization server access system
EP2785009A1 (en) * 2013-03-29 2014-10-01 British Telecommunications public limited company Method and apparatus for detecting a multi-stage event
EP2785008A1 (en) 2013-03-29 2014-10-01 British Telecommunications public limited company Method and apparatus for detecting a multi-stage event
EP3039566A4 (en) * 2013-08-28 2017-06-21 Hewlett-Packard Enterprise Development LP Distributed pattern discovery
US10430614B2 (en) 2014-01-31 2019-10-01 Bromium, Inc. Automatic initiation of execution analysis
US9794113B2 (en) * 2014-02-04 2017-10-17 Cisco Technology, Inc. Network alert pattern mining
US20150281276A1 (en) * 2014-03-26 2015-10-01 Juniper Networks, Inc. Monitoring compliance with security policies for computer networks
JP5640166B1 (en) 2014-03-31 2014-12-10 株式会社ラック Log analysis system
JP5640167B1 (en) 2014-03-31 2014-12-10 株式会社ラック Log analysis system
WO2015200211A1 (en) 2014-06-22 2015-12-30 Webroot Inc. Network threat prediction and blocking
CN105450600B (en) * 2014-08-19 2018-09-11 阿里巴巴集团控股有限公司 The recognition methods of operation and server
CN107209834B (en) * 2015-02-04 2020-07-07 日本电信电话株式会社 Malicious communication pattern extraction device, system and method thereof, and recording medium
US10395133B1 (en) 2015-05-08 2019-08-27 Open Text Corporation Image box filtering for optical character recognition
US10599844B2 (en) 2015-05-12 2020-03-24 Webroot, Inc. Automatic threat detection of executable files based on static data analysis
US10289686B1 (en) 2015-06-30 2019-05-14 Open Text Corporation Method and system for using dynamic content types
US20170223030A1 (en) 2016-01-29 2017-08-03 Splunk Inc. Detection of security transactions
JP6655416B2 (en) * 2016-02-17 2020-02-26 日立オートモティブシステムズ株式会社 Vehicle control device
US9948664B2 (en) * 2016-07-11 2018-04-17 Petabi, Inc. Method and system for correlation and management of distributed and heterogeneous events
US10474966B2 (en) * 2017-02-27 2019-11-12 Microsoft Technology Licensing, Llc Detecting cyber attacks by correlating alerts sequences in a cluster environment
US10586051B2 (en) * 2017-08-31 2020-03-10 International Business Machines Corporation Automatic transformation of security event detection rules
US10728034B2 (en) 2018-02-23 2020-07-28 Webroot Inc. Security privilege escalation exploit detection and mitigation
US11314863B2 (en) 2019-03-27 2022-04-26 Webroot, Inc. Behavioral threat detection definition and compilation
US11755927B2 (en) 2019-08-23 2023-09-12 Bank Of America Corporation Identifying entitlement rules based on a frequent pattern tree
US10911471B1 (en) * 2019-11-27 2021-02-02 The Florida International University Board Of Trustees Systems and methods for network-based intrusion detection
US11775639B2 (en) * 2020-10-23 2023-10-03 Sophos Limited File integrity monitoring
US12289332B2 (en) * 2021-11-15 2025-04-29 Cfd Research Corporation Cybersecurity systems and methods for protecting, detecting, and remediating critical application security attacks
US12072961B2 (en) 2022-07-29 2024-08-27 Bank Of America Corporation Systems and methods for password spraying identification and prevention using hash signature segmentation and behavior clustering analysis

Family Cites Families (63)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5557742A (en) 1994-03-07 1996-09-17 Haystack Labs, Inc. Method and system for detecting intrusion into and misuse of a data processing system
US5717919A (en) 1995-10-02 1998-02-10 Sybase, Inc. Database system with methods for appending data records by partitioning an object into multiple page chains
US5956404A (en) 1996-09-30 1999-09-21 Schneier; Bruce Digital signature with auditing bits
US6453345B2 (en) * 1996-11-06 2002-09-17 Datadirect Networks, Inc. Network security and surveillance system
US5850516A (en) 1996-12-23 1998-12-15 Schneier; Bruce Method and apparatus for analyzing information systems using stored tree database structures
US6192034B1 (en) 1997-06-30 2001-02-20 Sterling Commerce, Inc. System and method for network integrity management
US5978475A (en) 1997-07-18 1999-11-02 Counterpane Internet Security, Inc. Event auditing system
US6070244A (en) 1997-11-10 2000-05-30 The Chase Manhattan Bank Computer network security management system
US6408391B1 (en) 1998-05-06 2002-06-18 Prc Inc. Dynamic system defense for information warfare
US6275942B1 (en) 1998-05-20 2001-08-14 Network Associates, Inc. System, method and computer program product for automatic response to computer system misuse using active response modules
US6134664A (en) 1998-07-06 2000-10-17 Prc Inc. Method and system for reducing the volume of audit data and normalizing the audit data received from heterogeneous sources
US6408404B1 (en) 1998-07-29 2002-06-18 Northrop Grumman Corporation System and method for ensuring and managing situation awareness
US6321338B1 (en) 1998-11-09 2001-11-20 Sri International Network surveillance
US6839850B1 (en) 1999-03-04 2005-01-04 Prc, Inc. Method and system for detecting intrusion into and misuse of a data processing system
US6694362B1 (en) 2000-01-03 2004-02-17 Micromuse Inc. Method and system for network event impact analysis and correlation with network administrators, management policies and procedures
US7159237B2 (en) 2000-03-16 2007-01-02 Counterpane Internet Security, Inc. Method and system for dynamic network intrusion monitoring, detection and response
US7089428B2 (en) 2000-04-28 2006-08-08 Internet Security Systems, Inc. Method and system for managing computer security information
WO2001084775A2 (en) 2000-04-28 2001-11-08 Internet Security Systems, Inc. System and method for managing security events on a network
US20030159070A1 (en) 2001-05-28 2003-08-21 Yaron Mayer System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
US7127743B1 (en) 2000-06-23 2006-10-24 Netforensics, Inc. Comprehensive security structure platform for network managers
US20020091680A1 (en) * 2000-08-28 2002-07-11 Chirstos Hatzis Knowledge pattern integration system
US6542075B2 (en) 2000-09-28 2003-04-01 Vigilos, Inc. System and method for providing configurable security monitoring utilizing an integrated information portal
US7383191B1 (en) 2000-11-28 2008-06-03 International Business Machines Corporation Method and system for predicting causes of network service outages using time domain correlation
KR100376618B1 (en) 2000-12-05 2003-03-17 주식회사 싸이버텍홀딩스 Intelligent security system for network based on agent
US7168093B2 (en) 2001-01-25 2007-01-23 Solutionary, Inc. Method and apparatus for verifying the integrity and security of computer networks and implementation of counter measures
AU2002244083A1 (en) 2001-01-31 2002-08-12 Timothy David Dodd Method and system for calculating risk in association with a security audit of a computer network
US6966015B2 (en) 2001-03-22 2005-11-15 Micromuse, Ltd. Method and system for reducing false alarms in network fault management systems
AU2002344308A1 (en) 2001-05-31 2002-12-09 Internet Security Systems, Inc. Method and system for implementing security devices in a network
US7043727B2 (en) 2001-06-08 2006-05-09 Micromuse Ltd. Method and system for efficient distribution of network event data
US7516208B1 (en) 2001-07-20 2009-04-07 International Business Machines Corporation Event database management method and system for network event reporting system
US7278160B2 (en) 2001-08-16 2007-10-02 International Business Machines Corporation Presentation of correlated events as situation classes
US6928556B2 (en) 2001-08-30 2005-08-09 International Business Machines Corporation Method and apparatus in a data processing system for managing situations from correlated events
US7039953B2 (en) * 2001-08-30 2006-05-02 International Business Machines Corporation Hierarchical correlation of intrusion detection events
US7379993B2 (en) 2001-09-13 2008-05-27 Sri International Prioritizing Bayes network alerts
US20030084349A1 (en) 2001-10-12 2003-05-01 Oliver Friedrichs Early warning system for network attacks
US20030093692A1 (en) 2001-11-13 2003-05-15 Porras Phillip A. Global deployment of host-based intrusion sensors
US7143444B2 (en) 2001-11-28 2006-11-28 Sri International Application-layer anomaly and misuse detection
US7171689B2 (en) 2002-02-25 2007-01-30 Symantec Corporation System and method for tracking and filtering alerts in an enterprise and generating alert indications for analysis
US20030221123A1 (en) 2002-02-26 2003-11-27 Beavers John B. System and method for managing alert indications in an enterprise
US20030188189A1 (en) 2002-03-27 2003-10-02 Desai Anish P. Multi-level and multi-platform intrusion detection and response system
US20040015719A1 (en) * 2002-07-16 2004-01-22 Dae-Hyung Lee Intelligent security engine and intelligent and integrated security system using the same
US20040024864A1 (en) 2002-07-31 2004-02-05 Porras Phillip Andrew User, process, and application tracking in an intrusion detection system
ATE540505T1 (en) 2002-08-26 2012-01-15 Ibm DETERMINING THE LEVEL OF THREAT ASSOCIATED WITH A NETWORK ACTIVITY
US7376969B1 (en) 2002-12-02 2008-05-20 Arcsight, Inc. Real time monitoring and analysis of events from multiple network security devices
US7219239B1 (en) 2002-12-02 2007-05-15 Arcsight, Inc. Method for batching events for transmission by software agent
US7308689B2 (en) 2002-12-18 2007-12-11 International Business Machines Corporation Method, apparatus, and program for associating related heterogeneous events in an event handler
US7483972B2 (en) * 2003-01-08 2009-01-27 Cisco Technology, Inc. Network security monitoring system
US6985920B2 (en) * 2003-06-23 2006-01-10 Protego Networks Inc. Method and system for determining intra-session event correlation across network address translation devices
US7260844B1 (en) 2003-09-03 2007-08-21 Arcsight, Inc. Threat detection in a network security system
US7644365B2 (en) * 2003-09-12 2010-01-05 Cisco Technology, Inc. Method and system for displaying network security incidents
US7333999B1 (en) 2003-10-30 2008-02-19 Arcsight, Inc. Expression editor
FR2864282A1 (en) 2003-12-17 2005-06-24 France Telecom Alarm management method for intrusion detection system, involves adding description of alarms to previous alarm, using values established by taxonomic structures, and storing added alarms in logical file system for analysis of alarms
FR2864392A1 (en) 2003-12-17 2005-06-24 France Telecom Intrusion sensing probe alarm set classifying process for use in information security system, involves constructing lattice for each alarm originated from intrusion sensing probes, and merging lattices to form general lattice
US7509677B2 (en) 2004-05-04 2009-03-24 Arcsight, Inc. Pattern discovery in a network security system
US20080165000A1 (en) 2004-05-10 2008-07-10 France Telecom Suppression of False Alarms in Alarms Arising from Intrusion Detection Probes in a Monitored Information System
US7424742B1 (en) 2004-10-27 2008-09-09 Arcsight, Inc. Dynamic security events and event channels in a network security system
US8850565B2 (en) 2005-01-10 2014-09-30 Hewlett-Packard Development Company, L.P. System and method for coordinating network incident response activities
US7577633B2 (en) 2005-12-08 2009-08-18 Intellitactics Inc. Self learning event parser
US7961633B2 (en) 2005-12-08 2011-06-14 Sanjeev Shankar Method and system for real time detection of threats in high volume data streams
US7437359B2 (en) 2006-04-05 2008-10-14 Arcsight, Inc. Merging multiple log entries in accordance with merge properties and mapping properties
US9824107B2 (en) 2006-10-25 2017-11-21 Entit Software Llc Tracking changing state data to assist in computer network security
US8108550B2 (en) 2006-10-25 2012-01-31 Hewlett-Packard Development Company, L.P. Real-time identification of an asset model and categorization of an asset to assist in computer network security
RU2424568C2 (en) 2006-12-28 2011-07-20 Арксайт, Инк. Efficient storage of registration data with request support, facilating computer network safety

Also Published As

Publication number Publication date
ATE464729T1 (en) 2010-04-15
CA2565343A1 (en) 2005-11-17
WO2005107424A3 (en) 2006-03-02
WO2005107424A2 (en) 2005-11-17
AU2005240203A1 (en) 2005-11-17
NZ550752A (en) 2009-09-25
KR20070050402A (en) 2007-05-15
EP1749386A2 (en) 2007-02-07
PL1749386T3 (en) 2010-08-31
US7509677B2 (en) 2009-03-24
IL178861A (en) 2011-09-27
CA2565343C (en) 2013-01-15
JP2007536646A (en) 2007-12-13
US20050251860A1 (en) 2005-11-10
IL178861A0 (en) 2007-03-08
US20090064333A1 (en) 2009-03-05
KR101007899B1 (en) 2011-01-14
EP1749386B1 (en) 2010-04-14
AU2005240203B2 (en) 2011-01-27
JP5038888B2 (en) 2012-10-03
HK1096794A1 (en) 2007-06-08
US7984502B2 (en) 2011-07-19

Similar Documents

Publication Publication Date Title
DE602005020609D1 (en) TEM
ATE536156T1 (en) DEVICE FOR SUSTAINED IN-VIVO RELEASE OF AN ACTIVE INGREDIENT
WO2007089217A3 (en) Network discovery mechanisms
MY154611A (en) Using identifiers to establish communication
WO2007136508A3 (en) Techniques for providing security protection in wireless networks by switching modes
WO2007021513A3 (en) Exclusive access for secure audio progam
DE602008004755D1 (en) MEDIA RECOGNITION AND PACKAGE DISTRIBUTION AT A MEHPUNKT CONFERENCE
ATE492959T1 (en) MANAGEMENT OF TIERED COMMUNICATIONS SERVICES IN A COMPOSITE COMMUNICATIONS SERVICE
TW200731818A (en) Interference management using resource utilization masks sent at constant PSD
MX2010003481A (en) Distributed protocol for authorisation.
ATE463135T1 (en) DEVICE AND METHOD FOR SELECTING A VISITED NETWORK
GB0802585D0 (en) Determining a property of communication device
WO2008091833A3 (en) Method and system for identifying and reporting over-utilized, under-utilized, and bad quality trunks and gateways in internet protocol telephony networks
MA32818B1 (en) Arylpiperazine and their use as alpha 2c antagonists
FR2959090B1 (en) COMPUTER RESOURCE AND INFRASTRUCTURE MANAGEMENT TOOL AND NETWORKS
ATE440432T1 (en) IDENTIFICATION OF COMMUNICATION DEVICES
ATE447270T1 (en) METHOD AND SYSTEM FOR CPECF (CONFIGURATION FUNCTION FOR CUSTOMER SITE DEVICES) FOR OBTAINING THE TERMINAL DEVICE INFORMATION AND FOR CONFIGURING THE TERMINAL DEVICES
EP2444898A3 (en) System and method for business function reversibility
EA200600396A1 (en) MANAGEMENT SYSTEM FOR CARRYING OZAR GAMES
DE602005022308D1 (en) ARRANGEMENT AND METHOD FOR DISCOVERING DEVICES
Neng-Wang et al. Watershed Scale Ecosystem Services: Progress and Prospective
Dong et al. Design and implementation of a topology discovery system for networks.
Franklin Dongtan: The World's First Eco-City
Arfeen et al. Scaling analysis of the internet traffic structural dynamics
郭静 Audit Sampling for Compliance tests

Legal Events

Date Code Title Description
8364 No opposition during term of opposition
8328 Change in the person/name/address of the agent

Representative=s name: SCHOPPE, ZIMMERMANN, STOECKELER, ZINKLER & PARTNER

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载